All geek questions in one place

Flow identity

Assume that the Net P process is running under the Windows A1 account. I assume that if a thread (running inside P ) runs under a different identifier (obtained via Thread.CurrentPrincipal.Identity ) than A1 , it still has the same rights as A1 when accessing system resources (e.g. files and etc.)?

Thank you

+4
source share
1 answer

I would not expect a thread that has a different identity to β€œinherit” permissions from the process identifier.

Just to make sure I did an impersonation test. Using the sample WindowsIdentity.Impersonate here, I ran the following code in another thread.

  WindowsIdentity newId = new WindowsIdentity(safeTokenHandle.DangerousGetHandle()); Thread.CurrentPrincipal = new WindowsPrincipal(newId); string foo = System.IO.File.ReadAllText (@"test.txt"); Console.WriteLine(foo); ));  WindowsIdentity newId = new WindowsIdentity(safeTokenHandle.DangerousGetHandle()); Thread.CurrentPrincipal = new WindowsPrincipal(newId); string foo = System.IO.File.ReadAllText (@"test.txt"); Console.WriteLine(foo);

Despite the fact that the process identifier has the right to read test.txt, if the newID does not work.

+5
source

Source: https://habr.com/ru/post/1334416/

More articles:


All Articles